package guda.house.web.security;


import guda.house.biz.security.SecurityUtil;

import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;

/**
 * Created by well on 15/11/21.
 */
public class StarkAuthChecker {

    private StarkAuthChecker.Callback<?> callback = new DefaultCallback();

    public boolean check(HttpServletRequest request, HttpServletResponse response) throws ServletException {
        Callback<Object> cb = (Callback<Object>) callback;
        RequestContext requestContext = new RequestContext();
        requestContext.httpServletRequest = request;
        requestContext.httpServletResponse = response;
        Object status = cb.onStart(requestContext);

        String userName = cb.getUserName(status);
        boolean fromWeixin = cb.fromWeixin(status);
//        String[] roleNames = cb.getRoleNames(status);
        String requestUri = request.getRequestURI();
        if ("/login.htm".equals(requestUri)) {
            cb.onAllow(status);
            return true;
        }
        if(requestUri.startsWith("/api")){
            cb.onAllow(status);
            return true;
        }
        if(requestUri.startsWith("/weixin")){
            cb.onAllow(status);
            return true;
        }
        if ("/405.htm".equals(requestUri)) {
            cb.onAllow(status);
            return true;
        }
        if ("/404.htm".equals(requestUri)) {
            cb.onAllow(status);
            return true;
        }
        if ("/error.htm".equals(requestUri)) {
            cb.onAllow(status);
            return true;
        }

        if ("/loginOut.htm".equals(requestUri)) {
            cb.onAllow(status);
            return true;
        }
        if (userName != null) {
            if(requestUri.startsWith("/front")){
                cb.onAllow(status);
                return true;
            }else{
                if(fromWeixin){
                    cb.onDeny(status);
                    return false;
                }
            }
            if(!SecurityUtil.access(requestUri)){
                try {
                    response.sendRedirect("/405.htm");
                    return false;
                } catch (IOException e) {
                    e.printStackTrace();
                }
            }
            cb.onAllow(status);
            return true;
        }


        cb.onDeny(status);
        return false;

    }

    public void setCallback(Callback<?> callback) {
        this.callback = callback;
    }

    public interface Callback<T> {
        String getUserName(T status);

        boolean fromWeixin(T status);

        String[] getRoleNames(T status);

        T onStart(RequestContext context) throws ServletException;

        void onAllow(T status) throws ServletException;

        void onDeny(T status) throws ServletException;
    }

    public class RequestContext {
        public HttpServletRequest httpServletRequest;
        public HttpServletResponse httpServletResponse;
    }

    private class DefaultCallback implements Callback<RequestContext> {
        public String getUserName(RequestContext status) {
            return null;
        }

        @Override
        public boolean fromWeixin(RequestContext status) {
            return false;
        }

        public String[] getRoleNames(RequestContext status) {
            return null;
        }

        public RequestContext onStart(RequestContext context) {
            return context;
        }

        public void onAllow(RequestContext status) throws ServletException {
        }

        public void onDeny(RequestContext status) {
        }
    }
}
